Symantec Endpoint Protection Manager service stops with "The Java Virtual Machine has exited with a code of -1, the service is being stopped." after using the IIS Lockdown Tool.


Article ID: 177879


Updated On:


Endpoint Protection


After what appears to be a successful install of the Symantec Endpoint Protection Manager (SEPM), you are unable to log in using the SEPM Console.

You find the following HTTP error (or similar) in the log "scm-server-x.log" (where x is a number) located in the SEPM install directory under the "tomcat\logs" subdirectory.

java.lang.Exception: HTTP 404 Object Not Found, URL: http://:/secars/secars.dll?action=34


This behavior may be caused by running the IIS Lockdown Tool from Microsoft, either before, or after the SEPM is installed. The IIS Lockdown Tool makes fundamental changes to the security profile of IIS and related services. Its use without careful consideration, planning and testing, can prevent the SEPM from operating correctly, or from certain resources the SEPM utilizes from being accessible.


If the IIS Lockdown Tool has been used, you may want to try reverting the changes made by the utility. This can be accomplished by running the IIS Lockdown Tool again and allowing it to revert the previously made changes. Once this process is complete, a restart of the IIS and SEPM services should be performed. A full system restart may or may not be required.

For more information on the IIS Lockdown Tool, its uses and what changes it makes, please see Microsoft's website at the following URL.

Technical Information
Note: The IIS Lockdown Tool is designed only for IIS 4.0 (Windows NT 4.0), 5.0 (Windows 2000) and 5.1 (Windows XP). Its use is not supported on other versions of IIS and the results of doing so are unknown.